ChefとかPuppetとかの勉強会です
次回があるかはわかりませんが、今回はChef成分多めになっております
Twitterハッシュタグ #pfcasual
IRCチャンネル #chef-casual@freenode
#!/usr/bin/env perl | |
=head1 Examples | |
$ tail -f access_log | perl colorize.pl | |
$ plackup app.psgi 2>&1 | perl colorize.pl | |
=cut | |
use strict; |
# A sample Gemfile | |
source "https://rubygems.org" | |
gem 'rubix' | |
gem 'zabbixapi' | |
gem 'zabby' | |
gem 'zbxapi' |
ChefとかPuppetとかの勉強会です
次回があるかはわかりませんが、今回はChef成分多めになっております
Twitterハッシュタグ #pfcasual
IRCチャンネル #chef-casual@freenode
package main | |
import ( | |
"fmt" | |
"os" | |
"github.com/codegangsta/cli" | |
) | |
func main() { |
CVE-2016-7401
https://www.djangoproject.com/weblog/2016/sep/26/security-releases/
pythonのcookie parserが ; 以外もpairsの区切り文字として解釈するので、google analyticsのreferrer経由でsetされるcookieを使ってCSRF tokenを上書き可能だったという問題。
django側でcookie parser自前で実装、python本体は直ってないようだ https://github.com/django/django/commit/d1bc980db1c0fffd6d60677e62f70beadb9fe64a
多くのcookie parserは、pairsの区切りとして ; と , を許容しているのでdjango以外にも影響がある。 ブラウザが使用するcookie pairの区切りは実際には ;
Within GitHub it is possible to set up two types of SSH key - account level SSH keys and and repository level SSH keys. These repository level SSH keys are known in GitHub as deploy keys.
Deploy keys are useful for deploying code because they do not rely on an individual user account, which is susceptible to change, to “store” the server keys.
There is, however, an ‘issue’ with using deploy keys; each key across all repositories on GitHub must be unique. No one key can be used more than once. This becomes a problem when deploying to repositories to the same server with the same user. If you create two keys, the SSH client will not know which key to use when connecting to GitHub.
One solution is to use an SSH config file to define which key to use in which situation. This isn’t as easy as it seems.. you might try something like this:
/* | |
href | |
┌────────────────────────────────────────┴──────────────────────────────────────────────┐ | |
origin │ | |
┌────────────┴──────────────┐ │ | |
│ authority │ | |
│ ┌───────────────┴───────────────────────────┐ │ | |
│ │ host resource | |
│ │ ┌──────────┴─────────────────┐ ┌────────────┴───────────┬───────┐ | |
│ │ hostname │ pathname │ │ |